Privacy & Cookies Policy
Who we are
We are White Falcon 11 Ltd trading as Falcon-Care. Our company registered number 09755838 our registered address Suite 11, The Saturn Centre, Challenge Way, Blackburn, Lancashire, BB1 5QB.
As a ‘data controller’, we are responsible for how we process your information in the UK. The UK General Data Protection Regulation (UK GDPR) sits alongside an amended version of the Data Protection Act (DPA) 2018 and applies to most UK businesses and organisations. We must comply with this data protection regime with regards to the data protection principles, our obligations and your rights as a UK citizen.
All our data processing activities are monitored by our appointed Data Protection Officer to ensure that the information we collect is:
- Used lawfully, fairly and in a transparent way
- Relevant and for reasons that we have told you about
- Accurate and up to date
- Kept only for as long as it is needed
- Kept securely
Customer Privacy Promise
- If Falcon-Care does not transfer personal data outside of the EEA, Falcon-Care will delete the section entitled “Where we store your personal data”
- If Falcon-Care is not required to appoint a Data Protection Officer, Falcon-Care will delete references to the Data Protection Officer or will consider replacing references to the Data Protection Officer with references to the Privacy Officer at Falcon-Care or other person nominated to have day-to-day responsibility for data protection and GDPR
4. Falcon-Care must, therefore, update its processes for collecting consent for cookies. In practice, this means:
- Users must take a clear and positive action to consent to non-essential cookies
- The websites and apps of Falcon-Care must tell users clearly what cookies will be set and what they do, including any third-party cookies
Pre-ticked boxes or any equivalents, such as sliders defaulted to “on”, cannot be used for non- essential cookies
- The users at Falcon-Care must have control over any non-essential cookies
- Non-essential cookies must not be set on landing pages before you gain the user’s consent
Consent is not required for cookies that are defined as “strictly necessary” or that fall within the communication exemption. “Strictly necessary” cookies are those that are essential to providing the service requested by the user. Such cookies must be essential to fulfil their request. Those that are simply helpful or convenient, but not essential, or that are essential for the purposes of Falcon-Care, will still require consent. The communication exemption is about the transmission of a communication over an electronic communications network. For the exemption to apply, the transmission of the communication must be impossible without the use of the cookie. Simply using a cookie to assist the communication is insufficient
for the exemption to apply.
Falcon-Care must note, in particular, that cookies used for analytical purposes or those used for marketing and advertising will always need consent as they are considered to be non-essential. This guidance may change as the latest draft legislation is subject to some challenges on this point.
Falcon-Care must read the ICO’s cookie guidance available at: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/ for further information on the types of cookie that require consent.
3. Falcon-Care will use the template Fair Processing Notice to inform all other Data Subjects, including Customer s, about how Falcon-Care processes personal data other than personal data collected via the website.
1. Special Categories of Data
Has an equivalent meaning to “Sensitive Personal Data” under the Data Protection Act 2018. Special categories of data include but are not limited to medical and health records (including information collected as a result of providing health care services), Care Plans and information about a person’s religious beliefs, ethnic origin and race, sexual orientation and political views
2. The Information Commissioner’s Office (ICO)
The ICO is the UK’s independent body set up to uphold information rights
Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client’s computer
4. Process or Processing
Doing anything with personal data, including but not limited to collecting, storing, holding, using, amending or transferring it. Falcon-Care does not need to be doing anything actively with personal data – at the point Falcon-Care collects it, it is processing it
5. UK GDPR
The UK GDPR is the retained EU law version of GDPR that forms part of English law
General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It was adopted on 14 April 2016 and, after a two-year transition period, became enforceable on 25 May 2018. References to GDPR include references to the UK GDPR
7. Data Protection Act 2018
The Data Protection Act 2018 is a United Kingdom Act of Parliament that updates data protection laws in the UK. It sits alongside the General Data Protection Regulation and implements the EU’s Law Enforcement Directive
8. Data Subject
The individual about whom Falcon-Care has collected personal data
9. Personal Data
Any information about a living person including but not limited to names, email addresses, postal addresses, job roles, photographs, CCTV and special categories of data, as defined below
- Key Facts - Professionals
Professionals providing this service should be aware of the following:
- Key Facts - People affected by the service
People affected by this service should be aware of the following:
- National Data Opt Out
How care services use your information
Whenever you use a health or care service, such as attending Accident & Emergency or using Community Care services, important information about you is collected in a patient record for that service. Collecting this information helps to ensure you get the best possible care and treatment.
The information collected about you when you use these services can also be used and provided to other organisations for purposes beyond your individual care, for instance to help with:
- improving the quality and standards of care provided
- research into the development of new treatments
- preventing illness and diseases
- monitoring safety
- planning services
This may only take place when there is a clear legal basis to use this information. All these uses help to provide better health and care for you, your family and future generations. Confidential patient information about your health and care is only used like this where allowed by law.
Most of the time, anonymised data is used for research and planning so that you cannot be identified in which case your confidential patient information isn’t needed.
You have a choice about whether you want your confidential patient information to be used in this way. If you are happy with this use of information you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.
To find out more or to register your choice to opt out, please visit www.nhs.uk/your-nhs-data-matters. On this web page you will:
- See what is meant by confidential patient information
- Find examples of when confidential patient information is used for individual care and examples of when it is used for purposes beyond individual care
- Find out more about the benefits of sharing data
- Understand more about who uses the data
- Find out how your data is protected
- Be able to access the system to view, set or change your opt-out setting
- Find the contact telephone number if you want to know any more or to set/change your opt-out by phone
- See the situations where the opt-out will not apply
You can also find out more about how patient information is used at:
https://www.hra.nhs.uk/information-about-patients/ (which covers health and care research); and
https://understandingpatientdata.org.uk/what-you-need-know (which covers how and why patient information is used, the safeguards and how decisions are made)
You can change your mind about your choice at any time.
Data being used or shared for purposes beyond individual care does not include your data being shared with insurance companies or used for marketing purposes and data would only be used in this way with your specific agreement.
Falcon-Care reviews all of our data processing on an annual basis to assess if the national data opt-out applies. This is recorded in our Record of Processing Activities. All new processing is assessed to see if the national data opt-out applies.
If any data processing falls within scope of the National Data Opt-Out we use MESH to check if any of our service users have opted out of their data being used for this purpose.
At this time, we do not share any data for planning or research purposes for which the national data opt-out would apply. We review all of the confidential patient information we process on an annual basis to see if this is used for research and planning purposes. If it is, then individuals can decide to stop their information being shared for this purpose. You can find out more information at https://www.nhs.uk/your-nhs-data-matters/.
Health and care organisations have until 31st July 2022 to put systems and processes in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care. Falcon-Care is compliant with the national data opt-out policy.